Welcome to the InfoSci Platform
Reference Hub3
A Secure Mobile Wallet Framework with Formal Verification

A Secure Mobile Wallet Framework with Formal Verification

Shaik Shakeel Ahamad, V. N. Sastry, Siba K. Udgata
Copyright: © 2012 |Volume: 4 |Issue: 2 |Pages: 15
ISSN: 1937-965X|EISSN: 1937-9668|EISBN13: 9781466610583|DOI: 10.4018/japuc.2012040101
Cite Article Cite Article

MLA

Ahamad, Shaik Shakeel, et al. "A Secure Mobile Wallet Framework with Formal Verification." IJAPUC vol.4, no.2 2012: pp.1-15. http://doi.org/10.4018/japuc.2012040101

APA

Ahamad, S. S., Sastry, V. N., & Udgata, S. K. (2012). A Secure Mobile Wallet Framework with Formal Verification. International Journal of Advanced Pervasive and Ubiquitous Computing (IJAPUC), 4(2), 1-15. http://doi.org/10.4018/japuc.2012040101

Chicago

Ahamad, Shaik Shakeel, V. N. Sastry, and Siba K. Udgata. "A Secure Mobile Wallet Framework with Formal Verification," International Journal of Advanced Pervasive and Ubiquitous Computing (IJAPUC) 4, no.2: 1-15. http://doi.org/10.4018/japuc.2012040101

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

This paper proposes a Secure Mobile Wallet Framework (SMWF) using WPKI (Wireless Public Key Infrastructure) and UICC (Universal Integrated Circuit Card) by defining (a) a procedure of personalizing UICC by the client, (b) a procedure of provisioning and personalization (Mutual Authentication and Key Agreement Protocol) of Mobile Payments Application (which is on UICC) by the Bank and (c) our proposed mobile wallet is will have mobile wallet manager managed by CA (acting as TSM), every mobile application is independent, protected by firewalls and encrypted data is stored in the mobile wallet application. Their proposed Mobile Wallet ensures end to end security. The authors’ proposed SMWF is compared with recent works and found to be better in terms of generating client’s credentials, implementation of WPKI in UICC, personalization of mobile payment application by the bank and in ensuring end to end security (i.e., from Mobile Payments Application in UICC to the Bank Server). The proposed mobile payment protocol originating from Mobile Payment Application (which is on UICC) to the Bank Server realizes Fair Exchange ensures Confidentiality, Authentication, Integrity and Non Repudiation, prevents double spending, over spending and money laundering, and withstands replay, Man in the Middle (MITM) and Impersonation attacks. Proposed mobile payment protocol is formally verified using AVISPA and Scyther Tool and presented with results.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.